CVE-2024-4522 Campcodes Complete Web-Based School Management System teacher_salary_details.php cross site scripting

A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teachersalarydetails.php. The manipulation of the argument index leads to cross site scripting. The attack...

CVE-2024-4521

CVE-2024-4521 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a cross-site scripting flaw in the unknown function of the file /view/teacher_salary_details2.php caused by manipulation of the index parameter. It is remotely exploitable and the exploit has bee...

CVE-2024-4518

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view/teachersalaryinvoice.php. The manipulation of the argument desc leads to cross site scripting. The attack can be...

CVE-2024-4519

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /view/teachersalarydetails3.php. The manipulation of the argument month leads to cross site scripting. The attack may be...

CVE-2024-4518 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php cross site scripting

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view/teachersalaryinvoice.php. The manipulation of the argument desc leads to cross site scripting. The attack can be...

CVE-2024-4518 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php cross site scripting

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view/teachersalaryinvoice.php. The manipulation of the argument desc leads to cross site scripting. The attack can be...

CVE-2024-4515 Campcodes Complete Web-Based School Management System timetable_grade_wise.php cross site scripting

A vulnerability has been found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /view/timetablegradewise.php. The manipulation of the argument grade leads to cross site scripting. The...

CVE-2024-4514 Campcodes Complete Web-Based School Management System timetable_insert_form.php cross site scripting

A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/timetableinsertform.php. The manipulation of the argument grade leads to cross site scripting. It is possible to launch t...

CVE-2024-4513 Campcodes Complete Web-Based School Management System timetable_update_form.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/timetableupdateform.php. The manipulation of the argument grade leads to cross site scripting. The attack...

CVE-2024-4513

Campcodes Complete Web-Based School Management System 1.0 is affected by a cross-site scripting vulnerability in the grade parameter of /view/timetable_update_form.php. Root cause: unsanitized user input leads to XSS. Impact: allows remote exploitation; exploitation details have been disclosed pu...

Campcodes Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System, which originates from an SQL injection vulnerability in the index paramet...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System, which results from an SQL injection vulnerability in the eventid paramete...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System due to an SQL injection vulnerability in the friendindex parameter of the...

CVE-2024-33405

SQL injection vulnerability in addfriends.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the friendindex parameter...

Campcodes Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

Rapid7 vulnerability researcher Ryan Emmons contributed to this blog. On Friday, April 19, 2024, managed file transfer vendor CrushFTP released information to a private mailing list on a new zero-day vulnerability affecting versions below 10.7.1 and 11.1.0 as well as legacy 9.x versions across al...

Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

CVE-2024-30974

SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter...

PT-2024-24744

Name of the Vulnerable Software and Affected Versions rustls versions prior to 0.21.11 rustls versions prior to 0.22.4 rustls versions prior to 0.23.5 Description The rustls::ConnectionCommon::complete io function could fall into an infinite loop based on network input. When using a blocking rust...